WO2016074748A1 - Informations d'emplacement pour accès non sécurisé - Google Patents

Informations d'emplacement pour accès non sécurisé Download PDF

Info

Publication number
WO2016074748A1
WO2016074748A1 PCT/EP2014/074665 EP2014074665W WO2016074748A1 WO 2016074748 A1 WO2016074748 A1 WO 2016074748A1 EP 2014074665 W EP2014074665 W EP 2014074665W WO 2016074748 A1 WO2016074748 A1 WO 2016074748A1
Authority
WO
WIPO (PCT)
Prior art keywords
network
access
terminal
information
generation partnership
Prior art date
Application number
PCT/EP2014/074665
Other languages
English (en)
Inventor
Anders Jan Olof Kall
Gyorgy Tamas Wolfner
Original Assignee
Nokia Solutions And Networks Oy
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Solutions And Networks Oy filed Critical Nokia Solutions And Networks Oy
Priority to EP14796789.7A priority Critical patent/EP3219122A1/fr
Priority to US15/526,906 priority patent/US11019486B2/en
Priority to JP2017526084A priority patent/JP6463838B2/ja
Priority to PCT/EP2014/074665 priority patent/WO2016074748A1/fr
Priority to CN201480084552.3A priority patent/CN107113562B/zh
Publication of WO2016074748A1 publication Critical patent/WO2016074748A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/084Access security using delegated authorisation, e.g. open authorisation [OAuth] protocol
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/02Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
    • H04W8/08Mobility data transfer
    • H04W8/16Mobility data transfer selectively restricting mobility data tracking
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/04Large scale networks; Deep hierarchical networks
    • H04W84/042Public Land Mobile systems, e.g. cellular systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/12WLAN [Wireless Local Area Networks]

Definitions

  • the present invention relates to an apparatus, a method, and a computer program product related to non-3GPP access. More particularly, the present invention relates to an apparatus, a method, and a computer program product related to location information for non-3GPP access.
  • EPC Evolved Packet Core
  • ePDG Evolved PDG GPRS Generic Packet Radio Service
  • WiFi Wireless Fidelity also named WLAN
  • 3GPP specifies two types of WLAN access: trusted and untrusted (see details in 3GPP TS 23.402). Whether a Non-3GPP access network (such as a WLAN network) is trusted or untrusted is not a characteristic of the access network but decided by the respective 3GPP operator. I.e., a non-3GPP network may be trusted for one 3GPP operator and untrusted for another 3GPP operator. There are differences in the signalling between an untrusted access network and the core network and between a trusted access network and the core network respectively. One difference is that a so-called ePDG network entity is only inserted between the untrusted access network and the core network and there is no corresponding network entity between the trusted access network and the core network.
  • ePDG network entity is only inserted between the untrusted access network and the core network and there is no corresponding network entity between the trusted access network and the core network.
  • 3GPP specifications currently specify how to determine network provided location information for a UE connected to EPC using trusted access, i.e. TWAN.
  • TWAG delivers trusted location information to the PGW over the S2a interface in the "TWAN Identifier” information element in GTPv2 signalling and in the "Access Network Identifier” information element in PMIPv6 signalling.
  • TWAG also delivers the UE's location information to the 3GPP AAA Server over the STa interface in the "Access-Network-Info" AVP.
  • An LCS client Software and/or hardware entity that requests location information for e.g. one or more UEs
  • an application server e.g. SIP Application Server and/or the OSA Service Capability Server
  • the HSS can then request the location information for a specific UE, i.e. the "Access- Network- Info" AVP, from the 3GPP AAA Server over the SWx interface.
  • TWAG is the gateway of TWAN interfacing with the PGW over the S2a interface and with the 3GPP AAA Server over the STa interface.
  • UAGW is the gateway of the untrusted access network interfacing with the PGW via eDPG over the S2b interface and with the 3GPP AAA Server over the SWa interface.
  • the relevant interfaces according to 3GPP TS 23.402 are shown in Fig. 1 .
  • the PGW is the user plane anchor for mobility between 3GPP access and (trusted or untrusted) non-3GPP access.
  • ePDG is responsible for handling the local and remote IP addresses, routing of packets from/to PGW to/from UE; and serves as a tunnel endpoint for the Swu interface to the UE via an IPsec tunnel through the untrusted non-3GPP network.
  • the ePDG identifier (or the location of the ePDG) and the access network type (RAT Type) is the only location related information that the network can use to determine some approximation of the UE's location when untrusted WLAN is used to access EPC.
  • RAT Type access network type
  • the network can deliver and assure more specific location information for a UE connected to the ePDG using untrusted access.
  • the ePDG location may be totally different from the location of the UE if a UE can access the ePDG via the Internet. E.g. it is possible to use an ePDG of the HPLMN from another country.
  • an apparatus comprising checking means adapted to check if a terminal is authenticated and authorized to access an access network of a type different from a third generation partnership project network type, wherein user information is requested from a server of a network of the third generation partnership project type for the authenticating and authorizing; providing means adapted to provide, if the terminal is authenticated and authorized based on the user information, a location information of the terminal to the server.
  • the location information may be provided in an access-network-info attribute value pair.
  • the access network may be not trusted by the network of the third generation partnership project type.
  • the access network may provide an access via a wireless local area network, and/or the access network may provide a fixed wired access.
  • an apparatus comprising monitoring means adapted to monitor if a gateway requests an authentication and authorization for a terminal and an information on a location of the terminal; providing means adapted to provide, if the request for the information on the location is received, the information on the location to the gateway in response to the request.
  • the apparatus may further comprise inhibiting means adapted to inhibit the providing means from providing the location information if at least one of the authentication and authorization is not provided to the gateway in response to the request.
  • the apparatus may be comprised in an authentication, authorization and accounting server of a third generation partnership project network.
  • an apparatus comprising monitoring means adapted to monitor if a tunnel to a terminal via an untrusted (not trusted) network is to be established, wherein the tunnel is set up only if the terminal is authenticated and authorized; requesting means adapted to request, if the tunnel is to be established, the authentication and authorization and an information on a location of the terminal; providing means adapted to provide the information on the location received in response to the request to a gateway.
  • the apparatus may be comprised in a packet data gateway of a third generation partnership project network.
  • the untrusted network may be a wireless local area network.
  • an apparatus comprising gateway means adapted to provide a gateway function to a third generation partnership project network; providing means adapted to provide a location information of a terminal to the third generation partnership project network, wherein the location information is received from an access network having a network type different from a third generation partnership project network type.
  • the access network may be untrusted by the third generation partnership project network.
  • an apparatus comprising checking circuitry configured to check if a terminal is authenticated and authorized to access an access network of a type different from a third generation partnership project network type, wherein user information is requested from a server of a network of the third generation partnership project type for the authenticating and authorizing; providing circuitry configured to provide, if the terminal is authenticated and authorized based on the user information, a location information of the terminal to the server.
  • the location information may be provided in an access-network-info attribute value pair.
  • the access network may be not trusted by the network of the third generation partnership project type.
  • the access network may provide an access via a wireless local area network, and/or the access network may provide a fixed wired access.
  • an apparatus comprising monitoring circuitry configured to monitor if a gateway requests an authentication and authorization for a terminal and an information on a location of the terminal; providing circuitry configured to provide, if the request for the information on the location is received, the information on the location to the gateway in response to the request.
  • the apparatus may further comprise inhibiting circuitry configured to inhibit the providing circuitry from providing the location information if at least one of the authentication and authorization is not provided to the gateway in response to the request.
  • the apparatus may be comprised in an authentication, authorization and accounting server of a third generation partnership project network.
  • an apparatus comprising monitoring circuitry configured to monitor if a tunnel to a terminal via an untrusted (not trusted) network is to be established, wherein the tunnel is set up only if the terminal is authenticated and authorized; requesting circuitry configured to request, if the tunnel is to be established, the authentication and authorization and an information on a location of the terminal; providing circuitry configured to provide the information on the location received in response to the request to a gateway.
  • the apparatus may be comprised in a packet data gateway of a third generation partnership project network.
  • the untrusted network may be a wireless local area network.
  • an apparatus comprising gateway circuitry configured to provide a gateway function to a third generation partnership project network; providing circuitry configured to provide a location information of a terminal to the third generation partnership project network, wherein the location information is received from an access network having a network type different from a third generation partnership project network type.
  • the access network may be untrusted by the third generation partnership project network.
  • a method comprising checking if a terminal is authenticated and authorized to access an access network of a type different from a third generation partnership project network type, wherein user information is requested from a server of a network of the third generation partnership project type for the authenticating and authorizing; providing, if the terminal is authenticated and authorized based on the user information, a location information of the terminal to the server.
  • the location information may be provided in an access-network-info attribute value pair.
  • the access network may be not trusted (untrusted) by the network of the third generation partnership project type.
  • the access network may provide an access via a wireless local area network and/or the access network may provide a fixed wired access.
  • a method comprising monitoring if a gateway requests an authentication and authorization for a terminal and an information on a location of the terminal; providing, if the request for the information on the location is received, the information on the location to the gateway in response to the request.
  • the method may further comprise inhibiting the providing means from providing the location information if at least one of the authentication and authorization is not provided to the gateway in response to the request.
  • the method may be performed in an authentication, authorization and accounting server of a third generation partnership project network.
  • a method comprising monitoring if a tunnel to a terminal via an untrusted network is to be established, wherein the tunnel is set up only if the terminal is authenticated and authorized; requesting, if the tunnel is to be established, the authentication and authorization and an information on a location of the terminal; providing the information on the location received in response to the request to a gateway.
  • the method may be performed in a packet data gateway of a third generation partnership project network.
  • the untrusted network may be a wireless local area network.
  • a method comprising providing a gateway function to a third generation partnership project network; providing a location information of a terminal to the third generation partnership project network, wherein the location information is received from an access network having a network type different from a third generation partnership project network type.
  • the access network may be untrusted by the third generation partnership project network.
  • Each of the methods of the ninth to twelfth aspects may be a method of providing location information.
  • a computer program product comprising a set of instructions which, when executed on an apparatus, is configured to cause the apparatus to carry out the method according to any one of the ninth to twelfth aspects.
  • the computer program product may be embodied as a computer-readable medium or directly loadable into a computer.
  • location information is made available in the 3GPP network not only in case the UE is in a trusted non-3GPP network but also if the UE is in a untrusted non-3GPP network.
  • Fig. 1 shows 3GPP specified interfaces according to 3GPP TS 23.402;
  • Fig. 2 shows an apparatus according to an embodiment of the invention ;
  • Fig. 3 shows a method according to an embodiment of the invention ;
  • Fig. 4 shows an apparatus according to an embodiment of the invention ;
  • Fig. 5 shows a method according to an embodiment of the invention ;
  • Fig. 6 shows an apparatus according to an embodiment of the invention ;
  • Fig. 7 shows a method according to an embodiment of the invention ;
  • Fig. 8 shows an apparatus according to an embodiment of the invention ;
  • Fig. 9 shows a method according to an embodiment of the invention ;
  • Fig. 1 0 shows an apparatus according to an embodiment of the invention.
  • the apparatus is configured to perform the corresponding method, although in some cases only the apparatus or only the method are described. So far it has not been possible for the AGW in the untrusted network (UAGW) to deliver location information to the PGW and it has not been possible for the UAGW to deliver location information the 3GPP AAA Server either. Namely, it has not been described or specified how the 3GPP network can determine and assure the location of a UE that is connected to EPC over an untrusted access via ePDG more specifically than by location of ePDG and RAT type. There is a need arising to deliver such network assured location information to PGW and/or AAA server and/or HSS, e.g. due to plans to provide IMS services over untrusted non-3GPP networks.
  • LCS client requests location information from HSS, it does not distinguish if the UE is connected over a trusted access or over an untrusted access.
  • LCS client and the HSS can get trustworthy location information from the 3GPP AAA Server also for a UE that is attached to an untrusted access network. Previously this was only possibly for a UE that is attached to a trusted access network like TWAN.
  • the ePDG provides more specific information about the UE location if such information is available.
  • a solution to deliver network provided location information corresponding to that for the UE accessing a trusted access such as TWAN is provided.
  • the ePDG provides location information to the PGW when this information is available in a reliable manner in a similar way as a TWAG provides the location information of the UE.
  • the ePDG provides location information to the 3GPP AAA server in a similar way as a TWAG provides the location information of the UE.
  • Some embodiments of the invention also apply in roaming scenarios where the untrusted access network is connected to the AAA Server in the HPLMN via a Proxy AAA Server in the
  • VPLMN over the SWd interface.
  • a and B when the location of the UE may be made available in the ePDG.
  • the location is made available when the 3GPP based access network authentication is performed.
  • the UE is authenticated and authorized in two steps: first for using the untrusted access network and then for accessing the EPC by establishing an IPsec tunnel between the UE and ePDG (SWu interface of Fig. 1 ).
  • the untrusted Access Network (more specifically: the UAGW) sends the UE's location information to the 3GPP AAA Server over the SWa interface during the access network authentication. That is, when the untrusted access network requests authentication and authorization from the AAA server of the 3GPP network, the untrusted access network provides additionally the UE's location information to the AAA server.
  • the AVP "Access-Network-Info" that is already defined for the STa interface can be reused for the SWa interface, at least for WLAN access networks.
  • the AAA Server of the 3GPP network sends the location information to the ePDG via the SWm interface when the UE performs the IPsec tunnel establishment with the ePDG. That is, when the ePDG requests authentication and authorization from the AAA server for setting up the IPsec tunnel, it also requests the location from the AAA server, which is provided in response to the request.
  • the request may be explicit or implicit. In the latter case, the request for authentication and authorization is interpreted as request for the location, too.
  • the 3GPP AAA Server sends the location information to the ePDG in the authorization response message it sends to the ePDG. In contrast to that, the 3GPP AAA Server does not send any location information in the authorization response message it sends e.g. to TWAG.
  • the AAA Server receives e.g. Authentication and Authorization Request from the ePDG, see Table 7.1 .2.1 .1 /1 by a Diameter message.
  • the source of Diameter messages are always included in the Diameter message, see RFC 3588, 6.1 .1 Originating a Request: "... the Origin-Host and Origin-Realm AVPs MUST be set to the appropriate values, used to identify the source of the message.”
  • AAA server is informed that the Authentication and Authorization request is from ePDG.
  • HSS does not send any authentication/authorization REQUEST to the AAA server, but the HSS sends the different message "User Profile Update Request" to the AAA Server, see 3GPP TS 29.273, Table 8.1 .2.3.1/1 .
  • the AAA Server knows on which interface it has received the request, i.e. from HSS on the SWx interface and from the PGW on the S6b interface. The contents of the messages are different as shown in the tables Table 7.1 .2.1 .1 /1 versus Table 8.1 .2.3.1/1 of 3GPP TS 29.273, respectively.
  • an agreement between at least one of the HPLMN operator and the VPLMN operator on one side and the operator of the untrusted network and ePDG on the other side should cover and ensure that the location information delivered by the untrusted network and ePDG is trustworthy. If the agreement is closed by the VPLMN operator but not by the HPLMN operator, the HPLMN operator may trust location information delivered to the HPLMN's AAA Server via the Proxy AAA server of the VPLMN, if this is covered by the (separate) roaming agreement between the HPLMN and VPLMN.
  • the ePDG and hence the EPC can trust the given location information, after the 3GPP AAA server has authenticated and authorized the UE to use the untrusted access network.
  • the other scenario (scenario B) is when the ePDG functionality is deployed within the untrusted access network (e.g. integrated with the Access GW), or the ePDG knows the deployment of the untrusted access network (e.g. the untrusted access network is connected to the ePDG via a dedicated physical or logical interface). In this case, ePDG learns and can trust the UE's location information in a proprietary manner. E.g. based on the deployment (e.g. used subnet), the ePDG knows the access network where the UE is, or there is proprietary interface between the ePDG and the access GW. In this scenario B the ePDG sends the UE's location information to the 3GPP AAA server over the SWm interface in a similar way as TWAG sends location information to the 3GPP AAA Server over the STa interface.
  • scenario B the ePDG functionality is deployed within the untrusted access network (e.g. integrated with the Access GW), or the ePDG knows
  • ePDG may also send the UE's location information to the PGW over S2b interface in a similar way as TWAG sends the location information to the PGW over the S2a interface.
  • the definition of the Access-Network-Info AVP over SWa and the information elements for location information over S2b are expanded to include location information related to other types of accesses than WLAN, since ePDG can be used to connect many types of Untrusted access networks to EPC.
  • Fig. 2 shows an apparatus according to an embodiment of the invention.
  • the apparatus may be a gateway to a 3GPP network or an element thereof.
  • Fig. 3 shows a method according to an embodiment of the invention.
  • the apparatus according to Fig. 2 may perform the method of Fig. 3 but is not limited to this method.
  • the method of Fig. 3 may be performed by the apparatus of Fig. 2 but is not limited to being performed by this apparatus.
  • the apparatus comprises checking means 10 and providing means 20.
  • the checking means 10 checks if a terminal is authenticated and authorized to access an access network of a type different from a third generation partnership project network type (S10). I.e. the terminal wants to access a non-3GPP network. For the authentication and authorization of the terminal, user information is requested from a server of a network of the third generation partnership project type (i.e. from a 3GPP network).
  • S10 third generation partnership project network type
  • Fig. 4 shows an apparatus according to an embodiment of the invention.
  • the apparatus may be an AA server such as an AAA server of a 3GPP network or an element thereof.
  • Fig. 5 shows a method according to an embodiment of the invention.
  • the apparatus according to Fig. 4 may perform the method of Fig. 5 but is not limited to this method.
  • the method of Fig. 5 may be performed by the apparatus of Fig. 4 but is not limited to being performed by this apparatus.
  • the apparatus comprises monitoring means 1 10 and providing means 1 20.
  • the monitoring means 1 1 0 monitors if a gateway requests an authentication and authorization for a terminal and an information on a location of the terminal (S1 1 0).
  • the gateway may be e.g. a PDG or an ePDG.
  • the request for the location may be explicit or implicit. If the request for the information on the location is received ("yes" in S1 10), the providing means 1 20 to provides the information on the location to the gateway in response to the request (S120).
  • Fig. 6 shows an apparatus according to an embodiment of the invention.
  • the apparatus may be a gateway such as a PDG or ePDG or an element thereof.
  • Fig. 7 shows a method according to an embodiment of the invention.
  • the apparatus according to Fig. 6 may perform the method of Fig. 7 but is not limited to this method.
  • the method of Fig. 7 may be performed by the apparatus of Fig. 6 but is not limited to being performed by this apparatus.
  • the apparatus comprises monitoring means 21 0, requesting means 220, and providing means 230.
  • the monitoring means 210 monitors if a tunnel to a terminal via an untrusted network is to be established (S21 0).
  • the tunnel is set up only if the terminal is authenticated and authorized. Authentication and authorization may have to be performed by a 3GPP network.
  • the requesting means 220 requests the authentication and authorization and an information on a location of the terminal (S220).
  • the request for the location may be explicit or implicit.
  • the request may be directed to a 3GPP network, in particular to an AA server or an AAA server of the 3GPP network.
  • the providing means 230 provides the information on the location to a gateway device (S230).
  • the information is received in response to the request of S220.
  • the gateway device may be a PGW such as a PGW of a 3GPP network.
  • Fig. 8 shows an apparatus according to an embodiment of the invention.
  • the apparatus may be a gateway such as a PDG or ePDG or an element thereof.
  • the apparatus may be integrated in network which is untrusted by a 3GPP network to which the apparatus provides an interface.
  • Fig. 9 shows a method according to an embodiment of the invention.
  • the apparatus according to Fig. 8 may perform the method of Fig. 9 but is not limited to this method.
  • the method of Fig. 9 may be performed by the apparatus of Fig. 8 but is not limited to being performed by this apparatus.
  • the apparatus comprises gateway means 310 and providing means 320.
  • the gateway means 310 provides a gateway function to a third generation partnership project network (S31 0). E.g., it may provide a ePDG function to the 3GPP network.
  • the providing means 320 provides a location information of a terminal to the third generation partnership project network (S320).
  • the location information is received from an access network having a type different from a third generation partnership project type (i.e. from a non-3GPP network).
  • Fig. 10 shows an apparatus according to an embodiment of the invention.
  • the apparatus comprises at least one processor 410, at least one memory 420 including computer program code, and the at least one processor 410, with the at least one memory 420 and the computer program code, being arranged to cause the apparatus to at least perform at least one of the methods according to Figs. 3, 5, 7, and 9.
  • Embodiments of the invention may be employed in a LTE-A network as 3GPP network. They may be employed also in other mobile networks such as CDMA, EDGE, LTE, UTRAN networks, etc.
  • the non-3GPP network may be a WiFi, WLAN network, fixed broadband access or a network of another access technology or any combination thereof, e.g. WLAN connected via fixed broadband access.
  • a terminal may be a user equipment such as a mobile phone, a smart phone, a PDA, a laptop, a tablet PC, a wearable, a machine-to-machine device, or any other device which may be connected to the respective 3GPP network and non-3GPP network.
  • a user equipment such as a mobile phone, a smart phone, a PDA, a laptop, a tablet PC, a wearable, a machine-to-machine device, or any other device which may be connected to the respective 3GPP network and non-3GPP network.
  • One piece of information may be transmitted in one or plural messages from one entity to another entity. Each of these messages may comprise further (different) pieces of information.
  • Names of network elements, protocols, and methods are based on current standards. In other versions or other technologies, the names of these network elements and/or protocols and/or methods may be different, as long as they provide a corresponding functionality.
  • each of the entities described in the present description may be based on a different hardware, or some or all of the entities may be based on the same hardware. It does not necessarily mean that they are based on different software. That is, each of the entities described in the present description may be based on different software, or some or all of the entities may be based on the same software.
  • exemplary embodiments of the present invention provide, for example a gateway such as a PGW, a ePDG, or a wireless access gateway, or a component thereof, an apparatus embodying the same, a method for controlling and/or operating the same, and computer program(s) controlling and/or operating the same as well as mediums carrying such computer program(s) and forming computer program product(s).
  • a gateway such as a PGW, a ePDG, or a wireless access gateway, or a component thereof
  • an apparatus embodying the same a method for controlling and/or operating the same, and computer program(s) controlling and/or operating the same as well as mediums carrying such computer program(s) and forming computer program product(s).
  • exemplary embodiments of the present invention provide, for example an AAA server, or a component thereof, an apparatus embodying the same, a method for controlling and/or operating the same, and computer program(s) controlling and/or operating the same as well as mediums carrying such computer program(s) and forming computer program product(s).
  • Implementations of any of the above described blocks, apparatuses, systems, techniques or methods include, as non limiting examples, implementations as hardware, software, firmware, special purpose circuits or logic, general purpose hardware or controller or other computing devices, or some combination thereof.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention concerne un procédé, consistant à surveiller si un tunnel pour accéder à un terminal par l'intermédiaire d'un réseau non sécurisé doit être établi, le tunnel n'étant paramétré que si le terminal est authentifié et autorisé; à demander, si le tunnel doit être établi, l'authentification et l'autorisation et des informations sur un emplacement du terminal; à fournir les informations reçues relatives à l'emplacement en réponse à la demande de passerelle.
PCT/EP2014/074665 2014-11-14 2014-11-14 Informations d'emplacement pour accès non sécurisé WO2016074748A1 (fr)

Priority Applications (5)

Application Number Priority Date Filing Date Title
EP14796789.7A EP3219122A1 (fr) 2014-11-14 2014-11-14 Informations d'emplacement pour accès non sécurisé
US15/526,906 US11019486B2 (en) 2014-11-14 2014-11-14 Location information for untrusted access
JP2017526084A JP6463838B2 (ja) 2014-11-14 2014-11-14 信頼できないアクセスのための位置情報
PCT/EP2014/074665 WO2016074748A1 (fr) 2014-11-14 2014-11-14 Informations d'emplacement pour accès non sécurisé
CN201480084552.3A CN107113562B (zh) 2014-11-14 2014-11-14 用于不可信接入的位置信息

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2014/074665 WO2016074748A1 (fr) 2014-11-14 2014-11-14 Informations d'emplacement pour accès non sécurisé

Publications (1)

Publication Number Publication Date
WO2016074748A1 true WO2016074748A1 (fr) 2016-05-19

Family

ID=51897287

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2014/074665 WO2016074748A1 (fr) 2014-11-14 2014-11-14 Informations d'emplacement pour accès non sécurisé

Country Status (5)

Country Link
US (1) US11019486B2 (fr)
EP (1) EP3219122A1 (fr)
JP (1) JP6463838B2 (fr)
CN (1) CN107113562B (fr)
WO (1) WO2016074748A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2018512762A (ja) * 2015-03-27 2018-05-17 インテル アイピー コーポレイション Wlanでの音声の緊急通話のための位置情報
US10652950B2 (en) 2017-11-16 2020-05-12 Cisco Technology, Inc. Method and system for providing signed user location information

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3169120B1 (fr) * 2015-11-10 2020-03-04 Alcatel Lucent Support de récupération ou de rapport de changement de localisation wlan pour accès wlan non sécurisé à un réseau central de transmission par paquets 3gpp
CN110868686B (zh) * 2018-08-13 2021-05-07 华为技术有限公司 定位方法和通信装置

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2571327A1 (fr) * 2010-07-14 2013-03-20 ZTE Corporation Procédé et système de rapport d'informations d'accès à un réseau fixe
WO2014005652A1 (fr) * 2012-07-06 2014-01-09 Nokia Siemens Networks Oy Ajout d'identificateur d'ensemble de services ou de nom de point d'accès à des messages de signalisation wlan-cellulaire
WO2014072569A1 (fr) * 2012-11-06 2014-05-15 Nokia Corporation Sélection de réseau d'accès
EP2763357A1 (fr) * 2011-11-03 2014-08-06 Huawei Technologies Co., Ltd. Procédé et dispositif de gestion de canal de sécurité de données

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7613155B2 (en) * 2005-04-30 2009-11-03 Lg Electronics Inc. Terminal, system and method for providing location information service by interworking between WLAN and mobile communication network
EP1841142A1 (fr) * 2006-03-27 2007-10-03 Matsushita Electric Industries Co., Ltd. Mode sommeil et initiation d'un service pour terminal mobile
KR100806288B1 (ko) * 2006-09-15 2008-02-22 에스케이 텔레콤주식회사 휴대인터넷망에서 가입자 위치 정보를 관리하는 방법 및시스템
KR101036415B1 (ko) * 2007-06-15 2011-05-23 후지쯔 가부시끼가이샤 통신 시스템, 통신 시스템에서의 이동 단말기의 위치 검색 방법, 및 기록 매체
CN101415187B (zh) * 2007-10-19 2011-12-28 华为技术有限公司 位置业务实现方法、基站地理位置信息广播方法及其装置
EP2079253A1 (fr) 2008-01-09 2009-07-15 Panasonic Corporation Optimisations de transfert de réseau non-3GPP vers 3GPP
EP2111071A1 (fr) * 2008-04-17 2009-10-21 Nokia Siemens Networks Oy Procédés, appareils, système et produit de programme informatique correspondant pour la signalisation de référence
JP5151997B2 (ja) * 2009-01-08 2013-02-27 富士通株式会社 通信サーバ、無線基地局、通信システムおよび通信方法
CN102025683B (zh) * 2009-09-09 2014-12-10 中兴通讯股份有限公司 接入网关控制功能实体中用户的业务接入方法与系统
CN102340763B (zh) * 2010-07-20 2016-01-20 中兴通讯股份有限公司 获取用户带宽接入位置信息的方法及系统
KR20120090460A (ko) * 2011-02-08 2012-08-17 삼성전자주식회사 광대역 무선 접속 시스템에서 위치 정보 제공 여부를 제어하기 위한 장치 및 방법
US9602990B2 (en) * 2011-04-11 2017-03-21 Qualcomm Incorporated Method for providing network-based measurements for user equipment-based positioning
CN103139754B (zh) * 2011-12-02 2015-08-05 中国移动通信集团上海有限公司 一种网络附着的方法、装置及系统
US9928494B2 (en) * 2014-05-12 2018-03-27 Verizon Patent And Licensing Inc. Verifying a status of a user device used for settling a transaction with a point of sale terminal
US9179436B1 (en) * 2014-08-22 2015-11-03 Cisco Technology, Inc. System and method for location reporting in an untrusted network environment

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2571327A1 (fr) * 2010-07-14 2013-03-20 ZTE Corporation Procédé et système de rapport d'informations d'accès à un réseau fixe
EP2763357A1 (fr) * 2011-11-03 2014-08-06 Huawei Technologies Co., Ltd. Procédé et dispositif de gestion de canal de sécurité de données
WO2014005652A1 (fr) * 2012-07-06 2014-01-09 Nokia Siemens Networks Oy Ajout d'identificateur d'ensemble de services ou de nom de point d'accès à des messages de signalisation wlan-cellulaire
WO2014072569A1 (fr) * 2012-11-06 2014-05-15 Nokia Corporation Sélection de réseau d'accès

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Architecture enhancements for non-3GPP accesses (Release 12)", 3GPP STANDARD; 3GPP TS 23.402, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE ; 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS CEDEX ; FRANCE, vol. SA WG2, no. V12.6.0, 17 September 2014 (2014-09-17), pages 1 - 288, XP050925478 *
"Universal Mobile Telecommunications System (UMTS); LTE; Evolved Packet System (EPS); 3GPP EPS AAA interfaces (3GPP TS 29.273 version 12.5.0 Release 12)", TECHNICAL SPECIFICATION, EUROPEAN TELECOMMUNICATIONS STANDARDS INSTITUTE (ETSI), 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS ; FRANCE, vol. 3GPP CT 4, no. V12.5.0, 1 October 2014 (2014-10-01), pages 1 - 159, XP014223903 *
TSCHOFENIG H ET AL: "Carrying Location Objects in RADIUS and Diameter; rfc5580.txt", CARRYING LOCATION OBJECTS IN RADIUS AND DIAMETER; RFC5580.TXT, INTERNET ENGINEERING TASK FORCE, IETF; STANDARD, INTERNET SOCIETY (ISOC) 4, RUE DES FALAISES CH- 1205 GENEVA, SWITZERLAND, 1 August 2009 (2009-08-01), pages 1 - 53, XP015065634 *
ZTE: "Discussion for the LOBSTER solutions", 11 May 2011, 3GPP DRAFT; S2-112314_DISCUSSION FOR LOBSTER SOLUTIONS V1, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE ; 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS CEDEX ; FRANCE, pages: 1 - 5, XP050525337 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2018512762A (ja) * 2015-03-27 2018-05-17 インテル アイピー コーポレイション Wlanでの音声の緊急通話のための位置情報
US10149272B2 (en) 2015-03-27 2018-12-04 Intel IP Corporation Location information for voice over WLAN emergency calling
US10652950B2 (en) 2017-11-16 2020-05-12 Cisco Technology, Inc. Method and system for providing signed user location information

Also Published As

Publication number Publication date
CN107113562B (zh) 2021-06-15
US11019486B2 (en) 2021-05-25
JP2017534225A (ja) 2017-11-16
JP6463838B2 (ja) 2019-02-06
US20170318414A1 (en) 2017-11-02
CN107113562A (zh) 2017-08-29
EP3219122A1 (fr) 2017-09-20

Similar Documents

Publication Publication Date Title
EP3091759B1 (fr) Système et procédé pour notification d'emplacement dans un environnement de réseau non sécurisé
EP2923280B1 (fr) Systèmes et méthodes d'accès à un réseau
EP3113524B1 (fr) Procédés et appareil permettant de prendre en charge des demandes de connectivité de services d'urgence par l'intermédiaire de réseaux sans fil non sécurisés
US20170289883A1 (en) Emergency services handover between untrusted wlan access and cellular access
US9350734B1 (en) Method and system for managing a flood of data-connection requests
US20060294363A1 (en) System and method for tunnel management over a 3G-WLAN interworking system
US20130121322A1 (en) Method for establishing data connectivity between a wireless communication device and a core network over an ip access network, wireless communication device and communicatin system
US20130005332A1 (en) Methods and Apparatus for Multiple Data Packet Connections
US20180332457A1 (en) Support of emergency services over wlan access to 3gpp evolved packet core for unauthenticated users
US20190223013A1 (en) Method for establishing public data network connection and related device
US11019486B2 (en) Location information for untrusted access
US11290926B2 (en) Discovering handover capabilities of a mobile communication network
US11388287B2 (en) IMS emergency session handling
US11109219B2 (en) Mobile terminal, network node server, method and computer program
JP6577052B2 (ja) アクセスポイント名許可方法、アクセスポイント名許可装置、およびアクセスポイント名許可システム
WO2017081153A1 (fr) Prise en charge de rapport ou d'extraction de changement de localisation de wlan pour un accès wlan non sécurisé à un réseau central en mode paquet 3gpp
US20180343559A1 (en) Method and device for obtaining user equipment identifier, and method and device for sending user equipment identifier
WO2016202406A1 (fr) Redirection locale vers une passerelle évoluée de données par paquets (epdg)

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14796789

Country of ref document: EP

Kind code of ref document: A1

REEP Request for entry into the european phase

Ref document number: 2014796789

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 2017526084

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 15526906

Country of ref document: US